You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@netbeans.apache.org by "Antonio Vieiro (Jira)" <ji...@apache.org> on 2020/07/31 17:23:00 UTC

[jira] [Commented] (NETBEANS-4662) Old versions of NetBeans stored "scrambled" passwords.

    [ https://issues.apache.org/jira/browse/NETBEANS-4662?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17169024#comment-17169024 ] 

Antonio Vieiro commented on NETBEANS-4662:
------------------------------------------

This is the class implementing this "scrambler" algorithm in the Oracle source code (this class was not donated with CND).

http://hg.netbeans.org/cnd-main/file/tip/remotefs.versioning.api/src/org/netbeans/modules/remotefs/versioning/api/Scrambler.java

> Old versions of NetBeans stored "scrambled" passwords.
> ------------------------------------------------------
>
>                 Key: NETBEANS-4662
>                 URL: https://issues.apache.org/jira/browse/NETBEANS-4662
>             Project: NetBeans
>          Issue Type: New Feature
>            Reporter: Antonio Vieiro
>            Priority: Major
>
> Old versions of NetBeans used "scrambled" passwords in connection strings.
> See, for instance, [http://www.cvsnt.org/cvsclient/Password-scrambling.html]
> I don't think this is safe to use nowadays, we should use encrypted passwords or modern techniques instead in Apache NetBeans.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@netbeans.apache.org
For additional commands, e-mail: commits-help@netbeans.apache.org

For further information about the NetBeans mailing lists, visit:
https://cwiki.apache.org/confluence/display/NETBEANS/Mailing+lists